<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<!--#include file="../Include/conn.asp" -->
<!--#include file="../Include/config.asp" -->
<%
echo ob_get_contents(zych_templatedir&"u_login.asp")
%>
<%if Request.QueryString("login")="ok" then
username=Replace(request.Form("username"), "'", "''") 
password=md5(Request("password"))
if username=""  then 
response.Write("<script language=javascript>alert('请输入登陆帐号!');history.go(-1)</script>") 
response.end
end if 
if Request("password")=""  then 
response.Write("<script language=javascript>alert('请输入登陆密码!');history.go(-1)</script>") 
response.end
end if 
sql="select * from [user] where username='"&username&"' and userpassword='"&password&"'" 
set rs=conn.execute(sql) 
if rs.eof or rs.bof then 
response.Write("<script language=javascript>alert('帐号密码错误!');history.go(-1)</script>")  
response.End
end if
if rs("sh")=0 then
response.Write("<script language=javascript>alert('对不起，您的帐号暂时未通过审核！请稍候再尝试登陆!');history.go(-1)</script>")  
response.End()
end if
session("username")=rs("id")
session("key")=rs("key")
sql="update [user] set dlcs=dlcs+1 where id="&session("username") '登陆次数+1
conn.execute(sql) 
sql="update [user] set dldata=#"&now&"# where id="&session("username")  '记录登陆时间
conn.execute(sql) 
Response.Write("<script language=""JavaScript"">alert("""&rs("username")&" 登陆成功！这是您第"&rs("dlcs")&"次登陆!"");window.location.href='"&dir&"User/?action=admin';</script>")
end if

if request("register")="ok" then
ip=request.servervariables("remote_addr")
username=replace(trim(request.form("username")),"'","") 
userpassword=replace(trim(Request.form("userpassword")),"'","") 
userpassword2=replace(trim(Request.form("userpassword2")),"'","") 
zsname=request.form("zsname")
tel=request.form("tel")
qq=request.form("qq")
VerifyCode=request.form("VerifyCode")
if username="" then
response.write "<script>alert('请填写登陆帐号!');history.go(-1);</script>"  
response.end 
end if
letters="0123456789abcdefghijklmnopqrstuvwxyz" 
username=Lcase(trim(Request.Form("username"))) 
for i=1 to len(username) 
u=mid(username,i,1) 
if Instr(letters,u)=0 then 
response.write "<script>alert('登陆帐号只能由字母、数字及下划线组成!');history.go(-1);</script>" 
response.end 
end if 
next 
if len(username)<2 or len(username)>12 then   
response.write "<script>alert('帐号必须为2至12位!');history.go(-1);</script>" 
response.end 
end if 
if userpassword="" or userpassword2="" then
response.write "<script>alert('请填写登陆密码!!');history.go(-1);</script>"  
response.end 
end if
if userpassword<>userpassword2 then 
response.write "<script>alert('两次密码输入不一致,请重新输入!');history.go(-1);</script>"  
response.end 
end if
letters="0123456789abcdefghijklmnopqrstuvwxyz" 
userpassword=Lcase(trim(Request.Form("userpassword"))) 
for i=1 to len(userpassword) 
u=mid(userpassword,i,1) 
if Instr(letters,u)=0 then 
response.write "<script>alert('登陆密码只能由字母、数字及下划线组成!');history.go(-1);</script>" 
response.end 
end if 
next 
if len(userpassword)<6 or len(userpassword)>20 then   
response.write "<script>alert('密码必须为6至20位!');history.go(-1);</script>" 
response.end 
end if 
if zsname="" then
response.write "<script>alert('请填写真实姓名!');history.go(-1);</script>"  
response.end 
end if
if tel="" then
response.write "<script>alert('联系电话不能为空');history.go(-1);</script>"  
response.end 
end if
if qq="" then
response.write "<script>alert('QQ号不能为空!');history.go(-1);</script>"  
response.end 
end if
if  VerifyCode="" then 
response.Write("<script language=javascript>alert('验证码不能为空!');history.go(-1)</script>") 
response.end
end if 
if cstr(Session("firstecode"))<>cstr(Request.Form("VerifyCode")) then
response.Write("<script language=javascript>alert('验证码错误!');history.go(-1)</script>")
response.End
end if
set rs=server.createobject("adodb.recordset")
sql="select * from [user] where username='"&username&"'" 
rs.open sql,conn,1,3
if not rs.eof then
response.write "<script>alert('对不起，此登陆帐号名已被注册！请更换其它帐号!');history.go(-1);</script>"  
response.end 
end if
rs.addnew
rs("username")=username
rs("userpassword")=md5(request.form("userpassword"))
rs("zsname")=zsname
rs("ip")=ip
rs("tel")=tel
rs("qq")=qq
rs("key")=1
rs("sh")=usersh
rs.update
rs.close
set rs=nothing
conn.close
set rs=nothing
Response.Write "<script>alert('恭喜!注册成功，返回登陆！');window.location.href='login.asp';</script>" 
end if %>